Some mobile apps are indispensible - mail, calendar, messaging, camera, Wikipedia and IMDB. But who doesn't have too many apps on their phone? Paul Madsen from Ping, Scott Jenson from frog, and Mark Dixon from Oracle think about the implications of this as we grow the Internet of Things:
Anil John: An Emerging Standard for Identity Proofing and Verification The Identity Proofing and Verification (IDPV) Standard Development Project (ANSI/NASPO-IDPV-2013) at the North American Security Products Organization (NASPO), which is an ANSI-accredited standards development organization, is developing minimum standards for the assertion, evidence and verification of personal identity. To my knowledge, this is currently the most comprehensive, data-driven, and privacy respecting effort in the area of identity assurance that has active practitioner engagement.
Dave Kearns: Passwords, Authentication's Zombies The track on authentication and authorization - so near and dear to my heart - drew a standing room only crowd who were eager to join in the discussion. As always when AuthN is discussed, passwords drew an inordinate amount of the discussion. I reminded the panelists and the audience that no less a personage than Bill Gates predicted the "death of passwords" back in 2004. And that even within Microsoft, passwords were still in use.
SecureKey Named Board Member of the Open Identity Exchange SecureKey Technologies Inc., a global leader in building identity and authentication ecosystems, today announced that it has joined the Open Identity Exchange (OIX) at the executive level, joining the board of the non-profit organization dedicated to building trust in the exchange of online identity credentials across public and private sectors.
T.Rob Wyatt: Duking it out with miicard In my never-ending quest to make the world make sense, I have turned my attention to miicard.com once again. They are pretty good, use HTTPS where it counts, don't email my stored password around, and I even let them verify bank accounts. But they are not without some issues. In the interest of cutting to the chase, I've emailed James Varga (CEO) & Stuart Fraser (CTO) links to this post.
Dirk Balfanz: Channel-Bound Cookies Once the underlying TLS channel uses TLS client authentication (with the TLS-OBC extension), the server can bind its cookies to the TLS channel by associating them with the client's public key, and ensuring that the cookies are only ever used over TLS channels authenticated with that public (client) key.
nordicapis Nordic APIs are API events all over the Nordics. Check out nordicapis.com and @nordicapis.
Edward Ferrara: Cloud Security - Expect accelerated deployments due to strong moves by providers to improve security Forrester research has always identified security as a major impediment to broad scale implementation for cloud, regardless of the model, SaaS, PaaS, IaaS, the adoption rate has been slowed by security concerns. Cloud providers recognize this is an impediment to selling cloud services and in response are strengthening their security controls. In Forrester's Forrsights research program we interview over 2,000 security decision makers on a variety of security issues and topics. Cloud security tops the list of concerns regarding cloud deployments.
Paul Trevithick: LMPs vs. PDSes vs. Personal Clouds I agree with this need to add apps to PDSes. This is similar to what we worked on back in the heady Information Card days. In 2009, when we saw that getting adoption of pure InfoCards was going to be a long march, we tried to add the concept of "apps" to the data held in the InfoCard (or better yet "pointed to it by an r-card). We called them app-cards-a superset of InfoCards. We decided to integrate Kynetx's KRL technology to implement these apps. Which means the apps got executed in the cloud.
Mike Small: The Cloud Blossoms in Europe A recent report commission by CA Technologies Inc. looks at the growth of the use of cloud services and the evolving attitudes to the security of these. This report shows some interesting findings: For instance, Europe is catching up with the US, with "38% of the European respondents using cloud for two to three years." As compared with "55% of the companies in the US have been in the cloud for three or more years."
NSTIC Federal Funding Opportunity: Evaluate the NSTIC State Government Pilots The NSTIC NPO is pleased to announce a new Federal Funding Opportunity (FFO) to support the establishment of the Identity Ecosystem, specifically by helping us identify and make available to our broad community of stakeholders key lessons learned in the NSTIC state government pilots, to be awarded later this year.
Dave Birch: Taxi for cash! Some years ago, Ronnie O'Toole from the Central Bank of Ireland was kind enough to come along and give a talk at our annual Forum in London. Apart from the fact it was a terrific talk in all respects, I always remember it because he brought up the topic of taxis as a benchmark for cash replacement and this struck me at the time as the perfect prosaic platform to assess the evolution of alternatives.
Dave Birch: Not just contactless, but M&S contactless As I told the BBC researcher when I was asked about these reports, I think it highly unlikely that M&S is a source of dark energy, cold fusion or electromagnetic fields that defy the laws of physics. I simply do not believe the claims that the terminals read cards that were a foot away from the readers and nor do I believe claims that customers were "accidentally" double-charged. As someone observed in response to The Guardian article on same.
Identity Woman: Interesting events in 2013 This is a calendar of events that I know in 2013 (and beyond). I think they're interesting, I'm currently planning on attending all the events in BLACK, I'm helping co-organize all the events with RED headlines. Some events will change from interesting to attending as they approach.
Zetetic: Building Secure Applications: June 6th at New Work City On Thursday June 6th Zetetic and The Guardian Project will be hosting an evening of short talks and conversation about the how and why of building secure mobile applications that keep the user's data encrypted and hidden from prying eyes. We'll have a few short presentations on tools like SQLCipher, IOCipher, and NetCipher and how they can be used in modern applications. We'll answer questions about general strategies and specific toolkits, and our developers will be available to chat afterwards over pizza and beer.
IDESG: July 2013 Plenary Meeting What: 5th IDESG Plenary Meeting When: July 24-26, 2013 Where: Massachusetts Institute of Technology (MIT) Media Labs - 75 Amherst St Cambridge, MA 02139
Call For Papers - Open Identity Summit 2013 September 10th - 11th 2013, Kloster Banz, Germany Deadline for electronic submissions: May 15th, 2013 The aim of Open Identity Summit 2013 is to link practical experiences and requirements with academic innovations. Focus areas will be Research and Applications in the area of Identity Management and Open Source with a special focus on Cloud Computing.
eID & ePass 5th edition National eID & ePassport Conference - the Global Forum on the drivers behind the digitalization of citizen ID documents proudly announce the 5th edition in BERLIN 2013, 28th & 29th of October @Intercontinental Berlin.